<!DOCTYPE html>
<html>

<head>
    <meta charset=" utf-8">
    <meta http-equiv="Content-Security-Policy" content="default-src 'self'; img-src https://*; child-src 'none';report-uri /_/csp-reports;">
    <title>csp</title>
    <script src="https://cdn.bootcss.com/jquery/1.9.1/jquery.min.js"></script>
    <script src="https://cdn.bootcdn.net/ajax/libs/axios/0.21.0/axios.js"></script>
</head>

<body>
    <span id="txt">CSP测试</span>
    <script>
        console.log('-----使用csp时，这行代码不会执行---')
    </script>
</body>

</html>